mcp-sqlite-tools
Verified Safeby spences10
Overview
An MCP server enabling AI assistants to perform comprehensive, secure, and efficient SQLite database operations on local files, including data manipulation, schema changes, and transaction management.
Installation
npx -y mcp-sqlite-toolsEnvironment Variables
- SQLITE_DEFAULT_PATH
- SQLITE_ALLOW_ABSOLUTE_PATHS
- SQLITE_MAX_QUERY_TIME
- SQLITE_BACKUP_PATH
- DEBUG
Security Notes
The server explicitly prioritizes security with multiple layers: query classification (read-only, destructive, schema), strict path validation (preventing directory traversal, controlling absolute path access), and comprehensive input validation for all tool parameters using Valibot. Tools are categorized ('SAFE', 'DESTRUCTIVE', 'SCHEMA CHANGE', 'TRANSACTION') to enable fine-grained approval control by MCP clients. No direct 'eval' or unvalidated command injection vectors were identified. The use of 'better-sqlite3' relies on a native C++ module, which is generally secure, but its build process could expose supply chain risks if prebuilt binaries are not used or verified.
Similar Servers
pb_mcp_server
Provides an MCP interface for AI assistants to interact with PocketBase databases for data management, authentication, and administrative tasks.
sqlite-mcp-server
Transforms SQLite into an AI-ready database engine with specialized tools for data analysis, JSON operations, text/vector search, and geospatial processing, integrating with MCP clients.
mcp-sdlc-tracker
Provides a Model Context Protocol (MCP) server for SQLite-based task and project tracking with full SDLC entity, wiki, and comments management.
sqlite-mcp-server
Provides a dynamic SQLite database server as an MCP tool, allowing creation, table management, data insertion, and natural language querying of databases.